a

b

c

d

e MTTFd = low, MTTFd = medium, MTTFd = high

Category B DCavg =

0

1 DCavg =

0

2 DCavg =

low

2 DCavg =medium

3 DCavg =

low

3 DCavg =medium

4 DCavg =

high

Simplified graphic determination of the PL reached.Relationship between the categorie, DC, MTTFd and PL

Functional safetyEN ISO 13849-1 (PL)

Detecting

Sensor

Alerting

Logic Actor

Evaluating

Safety Instrumented System SIS (Safety Loop)

Machine safety, e.g. start-up warning

Command device

S2

Command device

S1

Start-up controlK1 (logic)

Safety contactor Q1 (actor)

Warning signal P1

Diagnosis unit G1 (sensor)

Machine control K2

PL bar chart according to ISO 13849-1

Risk assessment

Evaluation of the safety function

Calculation according to EN ISO 13849-1

Calculation is done with a source of:

Data from manufacturer

Data from the application

Calculation according to norm

Determination of the required Performance Level (PLr)

Risk parameters} S – Severity of the injury S1 = minor injuries (normally reversible) S2 = serious injuries, including death (normally irreversible)

} F – Frequency and/or length of exposure to the hazard F1 = rarely to more often and/or short periods F2 = frequently to continuously and/or long duration

} P – Possibilities to avoid danger P1 = possible under certain conditions P2 = barely possible

PL�

Value ranges

NameDiagnostic coverage

(DC)Average time until a

dangerous failure (MTTFd)

none DC > 60%

low 60% ≤ DC > 90% 3 years ≤ MTTFd > 10 years

medium 90% ≤ DC > 99% 10 years ≤ MTTFd > 30 years

high 99% ≤ DC 30 years ≤ MTTFd > 100 years

10-8

10-7

10-6

3 x 10-6

10-5

10-4

PFH[1/h]

Required safety related parameters

EN ISO 13849-1 Device typePLKategorieT1

-Units with internal diagnosis safety control

safety switch gears

MTTFd DC, CCF, category Units

without internal

diagnosis

Without omponents that are

subject to wear and tear

sensors, signaling devices

B10d DC, CCF, category, nop

With omponents that are

subject to wear and tear

emergency shutdown, relay, switch

CCF: failure due to common causeDC: diagnostic coverage

nop

MTTFd

MTTFd

Component 1Not subject to wear and tear;

without internal diagnosis MTTFd

Component 3Subject to wear and tear; without internal diagnosis

B10d

Component 2 With internal diagnosis

PL, KAT, PFH

➞

MTTFd

DC, CCF, KAT

PLPFH

&

PL, PFH➞

Minor risk

PerformanceLevel required

(PLr)

High risk

Starting point for risk

evaluation

PL/PFH [1/h] in comparison to SIL

PL PFH [1/h] SIL

a ≥ 10-5 ... > 10-4 = no equivalent

b ≥ 3 x 10-6 ... > 10-5

≙ SIL 1c ≥ 10-6 ... > 3 x 10-6

d ≥ 10-7 ... > 10-6 ≙ SIL 2

e ≥ 10-8 ... > 10-7 ≙ SIL 3

G1

K1

Q1

PL PL1≥Verification: ?